Total CVEs

143,746

Critical Severity

4,091

High Severity

14,758

Last 7 Days

1,546
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 1,181 - 1,200 of 1,721 CVEs
CVE-2026-9881 CRITICAL - 9.0

Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. (Chromium security severity: Critical)

Vendor: google
Product: chrome
Published: May 28, 2026
Source: NVD
CVE-2026-9880 HIGH - 8.3

Insufficient validation of untrusted input in WebGL in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Vendor: google
Product: chrome
Published: May 28, 2026
Source: NVD
CVE-2026-9879 HIGH - 8.8

Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

Vendor: google
Product: chrome
Published: May 28, 2026
Source: NVD
CVE-2026-9878 HIGH - 8.8

Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)

Vendor: google
Product: chrome
Published: May 28, 2026
Source: NVD
CVE-2026-9877 HIGH - 8.3

Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Vendor: google
Product: chrome
Published: May 28, 2026
Source: NVD
CVE-2026-9876 CRITICAL - 9.6

Use after free in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Vendor: google
Product: chrome
Published: May 28, 2026
Source: NVD
CVE-2026-9875 CRITICAL - 9.6

Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Vendor: google
Product: chrome
Published: May 28, 2026
Source: NVD
CVE-2026-9874 CRITICAL - 9.6

Use after free in Dawn in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Vendor: google
Product: chrome
Published: May 28, 2026
Source: NVD
CVE-2026-9873 HIGH - 8.8

Use after free in Network in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)

Vendor: google
Product: chrome
Published: May 28, 2026
Source: NVD
CVE-2026-9872 CRITICAL - 9.6

Out of bounds write in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Vendor: google
Product: chrome
Published: May 28, 2026
Source: NVD
CVE-2026-10022 HIGH - 8.8

Type Confusion in V8 in Google Chrome prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome Extension. (Chromium security severity: Medium)

Vendor: Google
Product: Chrome
Published: May 28, 2026
Source: NVD
CVE-2026-10021 HIGH - 8.8

Insufficient validation of untrusted input in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium)

Vendor: Google
Product: Chrome
Published: May 28, 2026
Source: NVD
CVE-2026-10020 HIGH - 8.3

Insufficient validation of untrusted input in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Vendor: Google
Product: Chrome
Published: May 28, 2026
Source: NVD
CVE-2026-10019 HIGH - 8.8

Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

Vendor: Google
Product: Chrome
Published: May 28, 2026
Source: NVD
CVE-2026-10018 MEDIUM - 6.5

Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

Vendor: Google
Product: Chrome
Published: May 28, 2026
Source: NVD
CVE-2026-10017 HIGH - 8.3

Out of bounds read in Headless in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Vendor: Google
Product: Chrome
Published: May 28, 2026
Source: NVD
CVE-2026-10016 HIGH - 8.8

Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Vendor: Google
Product: Chrome
Published: May 28, 2026
Source: NVD
CVE-2026-10015 HIGH - 8.8

Integer overflow in WTF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Vendor: Google
Product: Chrome
Published: May 28, 2026
Source: NVD
CVE-2026-10014 HIGH - 8.3

Use after free in WebMIDI in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Vendor: Google
Product: Chrome
Published: May 28, 2026
Source: NVD
CVE-2026-10013 HIGH - 8.8

Use after free in WebCodecs in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Vendor: Google
Product: Chrome
Published: May 28, 2026
Source: NVD